Microsoft is expected to release a security patch to address a Critical vulnerability

Cooler King

Microsoft is expected to release a security patch to address a Critical vulnerability in IE8. For December, Microsoft is planning to release six new security bulletins that are expected different vulnerabilities in several Windows products. Some of the vulnerabilities are in Windows7, some in Internet Explorer 8, and some in Microsoft Office Products. On the office side the vulnerabilities affect Project, Word, and Worlks 8.5.
Microsoft Security Response Center

Proof of Concept for the security flaws was released to the public recently, which prompted MicrosoftÃ¢â‚¬â„¢s response. In computer security the term proof of conceptis often used as a synonym for a zero-day exploit which, mainly for its early creation, does not take full advantage of some vulnerability. The zero-day, the day of release, means that the item in question, in this case the software IE8 has a weakness that has not been fully exploited. But for Microsoft the weakness will be addressed in the patch upgrade.

Vulnerability Table Windows 7

According to a Microsoft Spokesman, Jerry Bryant, security program manager, Ã¢â‚¬Â The IE update maps to bulletin number 4 in the ANS and will be at the top of our deployment priority list. The other critical update affecting Windows (bulletin number 1) will have a lower Exploitability Index rating, so while the impact is higher with a critical severity rating, the lower risk will drop the deployment priority down a little. The final critical update affecting Microsoft Project (bulletin number 3), is only critical for Project 2000. The other affected versions are important. That coupled with a lower Exploitability Index will also drive it down on the deployment priority list. Customers have asked us to map the numbered bulletins in the ANS to the final bulletin IDÃ¢â‚¬â„¢s after release so we will be doing that in the blog post here on Tuesday.Ã¢â‚¬Â
The vulnerability table for Server 2008